Re: [http-state] Is this an omission in the parser rules of draft-ietf-httpstate-cookie-21?

"Remy Lebeau" <remy@lebeausoftware.org> Fri, 04 February 2011 18:30 UTC

Return-Path: <remy@lebeausoftware.org>
X-Original-To: http-state@core3.amsl.com
Delivered-To: http-state@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5F15C3A6A33 for <http-state@core3.amsl.com>; Fri, 4 Feb 2011 10:30:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3aeoIsOrAcEy for <http-state@core3.amsl.com>; Fri, 4 Feb 2011 10:30:36 -0800 (PST)
Received: from smtpoutwbe04.prod.mesa1.secureserver.net (smtpoutwbe04.prod.mesa1.secureserver.net [208.109.78.206]) by core3.amsl.com (Postfix) with SMTP id 7E2873A67CC for <http-state@ietf.org>; Fri, 4 Feb 2011 10:30:36 -0800 (PST)
Received: (qmail 14671 invoked from network); 4 Feb 2011 18:34:01 -0000
Received: from unknown (HELO mm03.prod.mesa1.secureserver.net) (208.109.138.3) by smtpoutwbe04.prod.mesa1.secureserver.net with SMTP; 4 Feb 2011 18:34:01 -0000
Received: (qmail 30842 invoked by uid 99); 4 Feb 2011 18:34:01 -0000
Message-ID: <20110204183401.30839.qmail@mm03.prod.mesa1.secureserver.net>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="=_5d353a1f7bc65c8a35ddc7d7bc073b16"
Message_ID: <20110204113401.f00013ceab8fb1928885c5c172fbfd4a.85aaacd19d.wbe@mobilemail.secureserver.net>
From: "Remy Lebeau" <remy@lebeausoftware.org>
To: ietf@adambarth.com, http-state@ietf.org
Date: Fri, 04 Feb 2011 11:34:01 -0700
X-Originating-IP: 76.93.119.83
Subject: Re: [http-state] Is this an omission in the parser rules of draft-ietf-httpstate-cookie-21?
X-BeenThere: http-state@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discuss HTTP State Management Mechanism <http-state.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-state>
List-Post: <mailto:http-state@ietf.org>
List-Help: <mailto:http-state-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Feb 2011 18:30:37 -0000

-------- Original Message --------
Subject: Re: [http-state] Is this an omission in the parser rules of
draft-ietf-httpstate-cookie-21?
From: Adam Barth <ietf@adambarth.com>;
Date: Fri, February 04, 2011 12:32 am
To: Julian Reschke <julian.reschke@gmx.de>;
Cc: Remy Lebeau <remy@lebeausoftware.org>;, http-state@ietf.org

> We haven't done that for any of the other 
> "changes" since 2109.  IMHO, we'll lead 
> happier lives if we act as if 2109 never 
> existed.

Except that it did exist, was standardized, and some servers did
implement it (or at least parts of it). And I've seen some servers have
configuration options to enable/disable individual cookie specs
(including RFC 2965). Just because RFC 2109 was not commonly used does
not mean it was not used at all (Indy's own implementation supported the
Netscape and RFCs 2109 and 2965 specs almost fully until I recently
discovered the current draft work and am now switching to it), so it
should not be dismissed completely if interoperability is a key goal. At
the very least, allow the cookie-av grammer to recognize quoted-string
values.